Google Provides Detailed Analysis of GitHub Attack Traffic Google Provides Detailed Analysis of GitHub Attack Traffic

The high-profile DDoS attack against GitHub that went on for several days last month was the end result of an operation that included several phases and extensive testing and optimization by the attackers. Researchers at Google analyzed the attack traffic over several weeks and found that the attackers used both Javascript replacement and HTML injections.

It wasn’t until March 26 that the attackers actually began targeting two separate resources on GitHub, one of which housed content from, a censorship monitoring organization in China. The other resource was Chinese language content from the New York Times. The attack on those resources lasted until April 7 and Provos said that the attack wouldn’t have been possible if all of the Web’s links were encrypted.

“Had the entire web already moved to encrypted traffic via TLS, such an injection attack would not have been possible. This provides further motivation for transitioning the web to encrypted and integrity-protected communication,” Provos said. Pin-pointing China’s attack against GitHub Pin-pointing China’s attack against GitHub

For the past week, the website “GitHub” has been under attack by China. In this post, I pin-point where the attack is coming from by doing an http-traceroute.

GitHub is a key infrastructure website for the Internet, being the largest host of open-source projects, most famously Linux. (I host my code there). It’s also a popular blogging platform.

Among the zillions of projects are and These are mirrors (copies) of the websites and GreatFire provides tools for circumventing China’s Internet censorship, the NYTimes contains news stories China wants censored.

China blocks the offending websites, but it cannot easily block the GitHub mirrors. It’s choices are either to block or allow everything on GitHub. Since GitHub is key infrastructure for open-source, blocking GitHub is not really a viable option.

The way the attack worked is that some man-in-the-middle device intercepted web requests coming into China from elsewhere in the world, and then replaced the content with JavaScript code that would attack GitHub. Specifically, they intercepted requests to Baidu’s analytics. The search-engine Baidu is the Google of China, and it runs analytics software like Google in order to track advertising. Everyone outside China visiting internal pages would then run this JavaScript to attack GitHub. Since the attack appears to be coming “from everywhere”, it’s impractical for GitHub to block the attack.

Using my custom http-traceroute, I’ve proven that the man-in-the-middle machine attacking GitHub is located on or near the Great Firewall of China. While many explanations are possible, such as hackers breaking into these machines, the overwhelmingly most likely suspect for the source of the GitHub attacks is the Chinese government.

This is important evidence for our government. It’ll be interesting to see how they respond to these attacks — attacks by a nation state against key United States Internet infrastructure. E-Bike Hub Motor Factory in China E-Bike Hub Motor Factory in China

Most large hub motors that come out of China are based on the 9-Continents motor (or 9C). This is the most common direct drive hub motor on the market. Currently there are hundreds of Chinese factories churning out whats called “9C clones”. In China there is pretty much no respect for copyright law and once a design has proven itself to work well, it is replicated in bulk. The 9C clone is what the faster e-bike kits consist of, and is actually the same design that the new Crystalyte (read review) was based on. For a detailed explanation of what a 9C motor is made up, read our detailed story on the 9C motor.

9C hub motor clones come in all shapes and sizes. A customer who is making a large enough order can specify the diameter of the motor, the width of the magnets, the thickness of the copper wiring, and the thickness of the wires going into the motors. It’s amazing to see piles of hub motors which I know will bring many hours of joy to whoever owns one. It gets me juiced up and excited to think of all these delicious motors mounted to bicycles of all shapes and sizes all over the world.